CVE-2024-27181

Summary

In Apache Linkis <= 1.5.0,

Privilege Escalation in Basic management services where the attacking user is

a trusted account

allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Linkis Basic management services1.3.2 < 1.6.0affected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References